The minimum reward for a verified bug is $25.00 USD. The total amount of the reward is based on several factors such as the severity of the issue. Only one (1) reward will be issued for each bug or security vulnerability.

ReleaseWire will review each bug and security vulnerability report to determine if it qualifies for a reward. All submissions are processed in the order received.

Bug Disclosure Policy

To be eligible for our Bug Bounty Program you agree to give us a reasonable time to respond to your initial submission, review your findings and correct the issue once verified before making any information regarding the issue public. You agree not to violate the privacy of other ReleaseWire users, including using a security vulnerability to interact with their ReleaseWire account. You further agree not to change, damage or destroy any data stored on the ReleaseWire servers with the exception of an account crated for testing purposes. Finally, you agree to not interrupt or degrade the ReleaseWire service.

If our Bug Disclosure Policy is followed, we agree not to ask law enforcement agencies no take action against you or to file a lawsuit against you.

Eligibility Requirements

You must be the first person to report the bug of security vulnerability.

You must follow our Bug Disclosure Policy

For non-security related bugs, the bug must not be known to our staff and impact the ability for ReleaseWire users to interact with our service.

You must be located in a country that is not subject to any sanctions from the United States Government.

Must provide the web address(s) where the bug is located.

Creating a Testing Account

In General, ReleaseWire's Terms of Service agreement requires a maximum of one account per user. We waive this requirement if the purpose of the additional account is for testing. Please be aware that your testing accounts will require a separate e-mail address.